nerdexam
Cisco

210-255 · Question #65

Which data type is protected under the PCI compliance framework?

The correct answer is B. primary account number. PCI DSS is specifically designed to protect payment cardholder data, with the Primary Account Number (PAN) being the core data element that triggers PCI scope.

Security Policies and Procedures

Question

Which data type is protected under the PCI compliance framework?

Options

  • Acredit card type
  • Bprimary account number
  • Chealth conditions
  • Dprovision of individual care

How the community answered

(40 responses)
  • B
    93% (37)
  • C
    3% (1)
  • D
    5% (2)

Why each option

PCI DSS is specifically designed to protect payment cardholder data, with the Primary Account Number (PAN) being the core data element that triggers PCI scope.

Acredit card type

Credit card type (e.g., Visa, Mastercard) is not itself a sensitive data element protected under PCI DSS and does not trigger PCI compliance requirements on its own.

Bprimary account numberCorrect

The Primary Account Number (PAN) is the 14-19 digit payment card number and is the central protected data element under PCI DSS. PCI DSS requirements apply whenever a PAN is stored, processed, or transmitted. All other cardholder data elements are only in scope when they are stored alongside the PAN.

Chealth conditions

Health conditions are protected under HIPAA and related healthcare privacy regulations, not PCI DSS.

Dprovision of individual care

Provision of individual care is a healthcare concept governed by HIPAA, not a payment card data element under PCI DSS.

Concept tested: PCI DSS protected cardholder data elements

Source: https://www.pcisecuritystandards.org/document_library/

Topics

#PCI DSS#compliance#primary account number#data protection

Community Discussion

No community discussion yet for this question.

Full 210-255 Practice